Downloads

CiscoWorks Network Compliance Manager (NCM) tracks and regulates configuration and software changes throughout a multivendor network infrastructure. It provides superior visibility into network changes and can track compliance with a broad variety of regulatory, IT, corporate governance, and technology requirements. CiscoWorks NCM helps IT staff identify and correct trends that could lead to problems such as network instability and service interruption.

PRODUCT OVERVIEW

Enterprises seeking to enable high-performance business applications increasingly rely on sophisticated networking infrastructure and the power of new technologies. Network operations and security managers rely on systems that can automate network deployments, handle large and complex topologies, and track and audit how actual network deployments comply with design requirements and best practices. Enterprise networks must comply with regulatory policies, corporate IT methodologies, and technology best practices-independently of scale, networking technologies deployed, and the combination of vendors providing networking equipment.

• It tracks all changes to the network-configuration, software, and hardware changes-in real time and captures them in a detailed audit trail.

• It screens all changes against authorized policies immediately to ensure that they comply with regulatory requirements or IT best practices.

• It automatically validates new changes against appropriate policies before they are pushed to the network. If the changes are not compliant, CiscoWorks NCM does not allow them to be deployed.

• It automates the change review process, closing the gap between the approval of a change and the actual configuration change that is pushed to the network.

• It allows managers to enforce the approval of a change through a flexible, integrated approval model, using the exact configuration code that will be pushed to the network. Approvers of a change can review the change in the context of the entire device configuration and the business units it will affect. Event notifications are sent to interested parties, giving network staff immediate visibility into unplanned and unauthorized changes.

• It limits network configuration information to users on a need-to-know basis. CiscoWorks NCM uses highly customizable role-based permissions to control what information a user can view, what actions a user can perform on devices, and which devices a user can gain direct access to.

• It ships with regulatory reports for SOX, VISA CISP, HIPAA, GLBA, ITIL, CobiT, and COSO enabled, providing the detailed metrics required by each of these regulations and providing the network information necessary to prove compliance. Included by default are reports on users, systems, network status, configurations, devices, software vulnerabilities, tasks or jobs, Telnet/SSH sessions, and compliance centers. Reports can be customized to include information such as:

–All Cisco® devices running a given version of Cisco IOS® Software

–All devices using insecure protocols for configuration management

–All devices with a faulty module

–All configuration changes made over a period of time for a set of devices

· Supports thousands of device models or versions from Cisco Systems® and 35 other vendors

· Frequent and easy-to-deploy device driver releases are available

Connectors with third-party software

Includes connectors with HP OpenView and with Remedy AR

CISCOWORKS INTEGRATION

As a CiscoWorks application, CiscoWorks NCM integrates with the extensive features and capabilities of other CiscoWorks products. It also provides cross-launch of various features across CiscoWorks NCM and other CiscoWorks applications such as the LAN Management Solution (LMS) bundle.

• Same-server coexistence: CiscoWorks NCM software, CiscoWorks NCM database (Oracle or MySQL), and CiscoWorks LMS can be configured to run on the same host. CiscoWorks NCM and LMS can share the TFTP server, and LMS can receive all syslog messages forwarded by NCM.

HIGH-AVAILABILITY DEPLOYMENT OPTIONS

CiscoWorks NCM is architected for fairly large network deployments of up to tens of thousands of managed nodes, thanks to robust features such as data redundancy and high availability. For network managers concerned about high availability due to the critical nature of network compliance, configuration, and change management, CiscoWorks NCM can be deployed in (optional) high-availability server configurations. The High Availability and Satellite deployment options provide a robust deployment architecture:

• High Availability enables visibility and control across the entire globally distributed network environment, automatically replicating information to multiple locations and dramatically reducing time to recover by enabling immediate re-creation of the environment in a new location. It also allows IT organizations to extend best practices and knowledge across multiple locations and ensure operational consistency across the enterprise.

CiscoWorks NCM supports an extensive range of Cisco equipment plus devices from 35 other vendors. Categories include routers, switches, firewalls, wireless access points, VPN devices, network accelerators, network load balancers, and other appliances that serve dedicated functions such as terminal and proxy servers. CiscoWorks NCM can be easily upgraded to support new devices as they become available or to meet market demand.

LICENSING

CiscoWorks NCM is licensed on the basis of the number of nodes to be managed and whether the High Availability and Satellite features are enabled. Customers must purchase a software license for the core server for the desired count of managed nodes plus a license for the High Availability and Satellite features.

A managed node is a management IP address and the configuration details for the system accessed by the management IP address. In most cases, a single device is equivalent to a single node. In more complex cases, such as a Cisco Catalyst switch in hybrid mode, where the device is running as two separate configurations, each configuration is counted as a managed node. This is because in hybrid mode the switch has two management IP addresses and two configuration files. For licensing purposes, unmanaged nodes are not counted toward the licensed total node count. See the Ordering Guide for more details.

INSTALLATION

In CiscoWorks NCM 1.0, users were restricted to install NCM on a dedicated server to avoid port access conflict for HTTP, HTTPS, Telnet, Syslog, and other functions. This restriction has been removed in CiscoWorks NCM 1.1. Users can now install NCM and LMS on the same server (Windows version only). Please refer to the following checklist for detailed information on preparing your network for CiscoWorks NCM deployment. Tables 2 through 7 list recommended configurations.

Cisco offers a wide range of services programs to accelerate customer success. These innovative services programs are delivered through a unique combination of people, processes, tools, and partners, resulting in high levels of customer satisfaction. Cisco services help you to protect your network investment, optimize network operations, and prepare the network for new applications to extend network intelligence and the power of your business. For more information about Cisco Services, see Cisco Technical Support Services or Cisco Advanced Services.